PSCBO: A provably secure consensus-based blockchain Oracle

IF 4.1 2区 计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Yusong Yao , Yiwen Shi , Guohua Tian , Meixia Miao , Willy Susilo
{"title":"PSCBO: A provably secure consensus-based blockchain Oracle","authors":"Yusong Yao ,&nbsp;Yiwen Shi ,&nbsp;Guohua Tian ,&nbsp;Meixia Miao ,&nbsp;Willy Susilo","doi":"10.1016/j.csi.2024.103892","DOIUrl":null,"url":null,"abstract":"<div><p>Blockchain technology, successful in cryptocurrency, holds transformative potential for various industries. In decentralized applications driven by blockchain, acquiring non-digitally verifiable data is crucial, particularly in smart contracts. To facilitate the transfer of off-chain data from websites to the blockchain, several studies have proposed various centralized and decentralized blockchain Oracles. However, centralized Oracles reintroduce central risks, such as the Single Point of Failure, while decentralized Oracles consistently rely on a voting mechanism, which incurs additional vulnerabilities and substantial costs. In this work, we uncover a misdirection attack in decentralized Oracles, resulting in a diminished security region in blockchain consensus. This manifests as prolonged settle times and reduced upper bounds for tolerance of adversarial consensus chip. By formalizing the voting process as a discrete-time Markov chain (DTMC), we further demonstrate that the maximum stake of the adversary for launching a misdirection attack is less than 50%. To counteract this threat, we introduce a novel voting model that relies on chain length rather than block data for voting. Formally, we propose the definition of our model named <span><math><mrow><mi>V</mi><mi>o</mi><mi>t</mi><mi>e</mi><mi>F</mi><mi>o</mi><mi>r</mi><mi>k</mi></mrow></math></span>. Following this, we present the specific consensus-based blockchain Oracle protocol, PSCBO. This protocol involves blockchain clients collecting and providing Oracle data, with an epoch-based voting mechanism to verify each set of Oracle information. We also analyze the security of the PSCBO backbone <span><math><mrow><mi>V</mi><mi>o</mi><mi>t</mi><mi>e</mi><mi>F</mi><mi>o</mi><mi>r</mi><mi>k</mi></mrow></math></span>, demonstrating its security region akin to a typical blockchain. Finally, we implement a proof-of-concept system to validate the security region and further underscore the practicality. Both security analysis and experiments affirm that PSCBO exhibits a higher adversarial fault tolerance and shorter waiting time to confirm transactions.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103892"},"PeriodicalIF":4.1000,"publicationDate":"2024-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0920548924000618","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

Abstract

Blockchain technology, successful in cryptocurrency, holds transformative potential for various industries. In decentralized applications driven by blockchain, acquiring non-digitally verifiable data is crucial, particularly in smart contracts. To facilitate the transfer of off-chain data from websites to the blockchain, several studies have proposed various centralized and decentralized blockchain Oracles. However, centralized Oracles reintroduce central risks, such as the Single Point of Failure, while decentralized Oracles consistently rely on a voting mechanism, which incurs additional vulnerabilities and substantial costs. In this work, we uncover a misdirection attack in decentralized Oracles, resulting in a diminished security region in blockchain consensus. This manifests as prolonged settle times and reduced upper bounds for tolerance of adversarial consensus chip. By formalizing the voting process as a discrete-time Markov chain (DTMC), we further demonstrate that the maximum stake of the adversary for launching a misdirection attack is less than 50%. To counteract this threat, we introduce a novel voting model that relies on chain length rather than block data for voting. Formally, we propose the definition of our model named VoteFork. Following this, we present the specific consensus-based blockchain Oracle protocol, PSCBO. This protocol involves blockchain clients collecting and providing Oracle data, with an epoch-based voting mechanism to verify each set of Oracle information. We also analyze the security of the PSCBO backbone VoteFork, demonstrating its security region akin to a typical blockchain. Finally, we implement a proof-of-concept system to validate the security region and further underscore the practicality. Both security analysis and experiments affirm that PSCBO exhibits a higher adversarial fault tolerance and shorter waiting time to confirm transactions.

PSCBO:基于共识的可证明安全区块链 Oracle
在加密货币领域取得成功的区块链技术为各行各业带来了变革潜力。在由区块链驱动的去中心化应用中,获取非数字可验证数据至关重要,尤其是在智能合约中。为了便于将链外数据从网站传输到区块链,一些研究提出了各种中心化和去中心化的区块链 "Oracles"。然而,中心化的Oracles会重新带来中心风险,如单点故障,而去中心化的Oracles则始终依赖于投票机制,这会带来额外的漏洞和巨大的成本。在这项工作中,我们发现了去中心化 Oracles 中的误导攻击,导致区块链共识的安全区域减小。这表现为结算时间的延长和对抗性共识芯片容忍度上限的降低。通过将投票过程形式化为离散时间马尔可夫链(DTMC),我们进一步证明了对手发起误导攻击的最大风险小于 50%。为了应对这种威胁,我们引入了一种新的投票模型,该模型依靠链的长度而不是区块数据进行投票。在形式上,我们提出了名为 VoteFork 的模型定义。随后,我们介绍了具体的基于共识的区块链 Oracle 协议 PSCBO。该协议涉及区块链客户端收集和提供 Oracle 数据,并采用基于纪元的投票机制来验证每组 Oracle 信息。我们还分析了 PSCBO 骨干 VoteFork 的安全性,证明其安全区域类似于典型的区块链。最后,我们实现了一个概念验证系统,以验证安全区域并进一步强调实用性。安全分析和实验都证实,PSCBO 具有更高的对抗性容错能力和更短的交易确认等待时间。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Computer Standards & Interfaces
Computer Standards & Interfaces 工程技术-计算机:软件工程
CiteScore
11.90
自引率
16.00%
发文量
67
审稿时长
6 months
期刊介绍: The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信